Black Hat USA 2009 4-day Training Session

July 25-28

Certified Ethical Hacker (CEH) Version 6

EC Council

Overview:

With a total of 63 modules, covering the latest methodology and technology in hacking, the Certified
Ethical Hacker (C|EH) Version 6 can be considered one of the world’s most advanced ethical hacking certification.

The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks
by attacking the system himself; all the while staying within legal limits. This philosophy stems from the proven
practice of trying to catch a thief, by thinking like a thief. As technology advances and organization depend on
technology increasingly, information assets have evolved into critical components of survival.

If hacking involves creativity and thinking ‘out-of-the-box’, then vulnerability testing and security audits
will not ensure the security proofing of an organization. To ensure that organizations have adequately protected
their information assets, they must adopt the approach of 'defense in depth'. In other words, they must penetrate
their networks and assess the security posture for vulnerabilities and exposure.

The definition of an Ethical Hacker is very similar to a Penetration Tester. The Ethical Hacker
is an individual who is usually employed with the organization and who can be trusted to undertake
an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. Hacking
is a felony in the United States and most other countries. When it is done by request and under a
contract between an Ethical Hacker and an organization, it is legal. The most important point is
that an Ethical Hacker has authorization to probe the target.

The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking
from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application
knowledge of security officers, auditors, security professionals, site administrators, and anyone who is
concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional
who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same
knowledge and tools as a malicious hacker.

Learning Objectives

This class will immerse the student into an interactive environment where they will be shown how to scan,
test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge
and practical experience with the current essential security systems.

Students will begin by understanding how perimeter defenses work and then be lead into scanning and
attacking their own networks, no real network is harmed. Students then learn how intruders escalate
privileges and what steps can be taken to secure a system. Students will also learn about Intrusion
Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Who Should Attend?

This course will significantly benefit security officers, auditors, security professionals,
site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Course Length: Four days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Trainer:

Tom Bowers, C|EH, CISSP, PMP
Independent Trainer/Consultant

In the world of High-Tech, High-Value information, Tom Bowers, CISSP, PMP takes the old proverb, “Keep Your Friends Close, Your Enemies Closer” to heart. As a Certified Ethical Hacker, Tom is a well known expert in the area of data leakage prevention, global enterprise information, security architecture and ethical hacking.

With over 25 years of experience in the field of computer technology and information systems Bowers has served as the chief architect for information security structures and protections in numerous industries. He brings a real world, pragmatic approach to the business of security based upon his Fortune 100 enterprise experience in both the IT and Global Security functions. Bowers leads the independent think tank and industry analyst group Security Constructs, LLC. His areas of expertise include aligning business needs with security architecture, risk assessment and project management on a global scale.

As immediate past president of the Philadelphia chapter of Infragard, a non-profit organization consisting of members of the FBI and physical/cyber security professionals from private industry, Tom lead one of the largest chapters in the country with over 850 members. Tom works closely with law enforcement agencies including the FBI on issues of computer forensics and investigations of security breaches, theft and fraud.

Bowers shares his depth of knowledge with the computer and information technology and security field as a Technical Editor for both TechTarget (Information Security Magazine, SearchSecurity.com) and IDG Publications (ComputerWorld, InfoWorld) He is the author of several white papers, >100 articles and is a highly respected speaker at conferences and webinars. He has recently been featured in CSO Magazine, CIO Decisions, InfoWorld, ComputerWorld, NetworkWorld, SearchSecurity.com, Information Security Magazine, BusinessWeek and The Wall Street Journal. Tom is one of EC-Council's Master Trainers.